SlideShare a Scribd company logo

A Blockchain Quest - Hacker House

C
Crypto Dashie

The document discusses the impact and implications of blockchain technology, emphasizing decentralized trust, privacy, and the potential for revolutionizing problem solving. It covers topics such as security in cryptocurrency mining, the dangers of misleading ICOs, and hacking techniques related to mining hardware. The presentation includes a live demo and suggests recommended reading on blockchain and cryptocurrency fundamentals.

Technology
Related topics:
Digital Design Themes
1 of 39
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
A BLOCKCHAIN QUEST
INTRODUCTIONS • Hacker Fantastic, Co-Founder Hacker House • Security training and professional services • Why listen? • Talk contains a live demo, participation optional.
ⒶANARCHY VS WOLF $STREET
THIS ISN’T JUST ABOUT MONEY… • Blockchains are a new computer paradigm • De-centralized Trust • Peer-2-Peer • Privacy orientated • Secured with Cryptography • Censorship Resistant • Open World Order vs New World Order • Machine-Aided Consensus • Increased Connectivity • Decreased Overheads • Problem Solving Potential REVOLUTION
CRYPTO CYBER CRIME WAVE
RAMPANT FRAUD, US-SEC & MONEY LAUNDERING • ICO’s are dangerously misleading, often solving no real problem • Regulation tries to curb & control, questions legitimacy • Media hysteria, lack of understanding, misinformed old television & young facebook generations. #FAKEnews, Cambridge Analytica, feeds of ”Get Rich, Bitcoin” scams. Social capital. • Fools & their money are easily parted
YOU ENTER THE TAVERN… • Quest through lifecycles of “Mining” • Proof-of-Work Puzzle Consensus Acceleration • Digital Design, Modelling & Simulations • Outputs
EQUIP YOUR PARTY WISELY! • Electrical engineering primer is recommended, health & safety 101, electricity is serious business +1 • Know Ohms law, Watts, Amps, kWh, IC’s, Maker etc. • 1-10-100 mA rule, please avoid death! • Avoid fires by using proper rated wiring, for ALL PARTS OF INSTALLATION! Keep to 10A max per socket, don’t overload the ring!
A Blockchain Quest - Hacker House
GPU … ... FPGA
DEVELOPMENT BOARD • Terasic DE0-Nano Cyclone FPGA • < $100 22K LE FPGA board • Quartus II Version 13.0.1 Web Edition (Linux) • JTAG SignalTap II • Verilog design & JSON scripts for getWork (no stratum) • Hashrate 3-28MH/s (25 – 450MHz) https://github.com/cryptodashie/Open-Source-FPGA- Bitcoin-Miner
FPGA – DIGITAL DESIGN & MODELLING
FPGA PIPELINING & PERFORMANCE ENHANCING IO • Phase-locked Loop (PLL) • High speed I/O (GPIO++) • Fast data transfer • OVERCLOCK DANGEROUS
FPGA OVERCLOCKING & WATER COOLING • 50MHz XTAL • 0-50 MHz (no cooling) • 50-200 MHz (fan/heatsink) • 200-450 MHz (water) • OVERCLOCK AT OWN RISK
BITCOIN PROOF-OF-WORK BLOCK DIAGRAM
CHIP PLANNER BLOCK UTILIZATION
FPGA PROGRAM DE0-NANO VIA FLASH LOADER
SCALABLE R&D FOR PROOF-OF-WORK ALGORITHMS • Litecoin Core example available • Pokemon your own! • Keecak SHA-3? 1/2/3 from X11?
ASIC MINERS
A Blockchain Quest - Hacker House
MADE IN CHINA, HACKED IN UK!
HEALTH HAZARDS, BE SAFE.
A Blockchain Quest - Hacker House
BEAGLECLONE – PARTIAL POPULATED BLACK PCB • L3+ / A3 / D3 model controllers • Angstorm Linux • Firmware easily dumped / downloaded • No code signing, trivial to mod • auth.minerlink.com remote manager “antbleed” • SSH / HTTP defaults ”root/root” “root/admin”
HACKING BITCOIN MINERS • Shodan / Google Dork to identify miners • Easy strings “antMiner Configuration” realm • Exposed footprint has Pre-Auth information leaks • IP geolocate large remote mining farms
BITMAIN FIRMWARE HACKING • https://github.com/cryptodashie/bitmain_hacking (reverse engineering data) • 1.5% DEV FEE (pool switching) • Blissz port cgminer-4.9 to cgminer-4.10 • Control individual boards in software, no need for hardware modifications (A++)
WAREZ JUAREZ REVOLUTION SIACOIN/SIAFUND …
INTERPLANETARY FILE SYSTEM (IPFS) http://ipfs.io/ (scan data) https://github.com/cryptodashie/ipfs
HOSTS NEONAZIS, MALWARE, PORN, BLOGS...
HARDWARE WALLETS • Hardware + Firmware • Supply chain attacks • All three platforms had recent patches, props Saleem Rashid! • Chrome WebUSB (?)
WEB3.JS – ENUMERATION & PROMISE EXAMPLE Enumerate account details, interact with wallets or prompt unlocking….
RISE OF THE CRYPTONIGHT JAVASCRIPT MINER • Cryptonight proof-of-work can mine Monero (XMR) • Replace captchas, adverts or monetize links • Very low profit returns, $0.1 (users adapt)
A Blockchain Quest - Hacker House
INTERNET-OF-THINGS, PUBLIC SPACE, SHORT LINKS
MONERO-IN-THE-MIDDLE (XMR INJECTION) • Use of WiFi enabled embedded device • KARMA attack (hostapd-wpe) • PAYG Internet Connectivity via (4G) LTE • Supports multiple MITM modes of operation
DEMO
RECOMMENDED READING • Verilog by example - Blaine C. Readler • Mastering Bitcoin – Andreas Antonopoulos • Introducing Ethereum and Solidity - Chris Dannen
A Blockchain Quest - Hacker House
Q&A? THANK YOU #COINFESTUK FOR LISTENING https://hacker.house

More Related Content

PPTX
Presentation1
Mostafa Najmi
 
PPTX
On Mining Bitcoins - Fundamentals & Outlooks
Filip Maertens
 
PDF
Blockchain and Cyber Defense Strategies in new genre times
anupriti
 
PPTX
Bitcoin: A Peer-to-Peer Electronic Cash System
Paras Jain
 
PDF
Bitcoin & Blockchain
Len Mei
 
PDF
Bitcoin and blockchain engineering
Gregory Bataille
 
PDF
IoT exploitation: from memory corruption to code execution - Marco Romano - C...
Codemotion
 
PDF
IoT exploitation: from memory corruption to code execution by Marco Romano
Codemotion
 
Presentation1
Mostafa Najmi
 
On Mining Bitcoins - Fundamentals & Outlooks
Filip Maertens
 
Blockchain and Cyber Defense Strategies in new genre times
anupriti
 
Bitcoin: A Peer-to-Peer Electronic Cash System
Paras Jain
 
Bitcoin & Blockchain
Len Mei
 
Bitcoin and blockchain engineering
Gregory Bataille
 
IoT exploitation: from memory corruption to code execution - Marco Romano - C...
Codemotion
 
IoT exploitation: from memory corruption to code execution by Marco Romano
Codemotion
 

Similar to A Blockchain Quest - Hacker House (20)

PDF
Task of Bitcoin Miners, a module for Bitcoin .pdf
aandk091
 
PDF
Raspberry pi overview
Matthew Karas
 
PDF
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
Lyon Yang
 
PDF
Hardware Hacking
Andrew Brockhurst
 
PDF
Raspberry Pi Computer Architecture Essentials Dennis Andrew K
dakorarampse
 
PPTX
Advanced SOHO Router Exploitation XCON
Lyon Yang
 
PDF
Bitcoin - Beyond the basics
Chris DeRose
 
PDF
Basics of Block Chain
Tharindu Weerasinghe
 
PPTX
Raspberry Pi meetup
icarter09
 
PDF
Part 3 Introduction to Cryptocurrency.pdf
Jyoti Yadav
 
PDF
State of Ethereum, and Mining
Mediabistro
 
PPTX
PLNOG 21: Patryk Wojtachnio - Od_zera_do_farmera
PROIDEA
 
PPTX
Crytomining hacking
Cis siva
 
PPTX
BlockchainConf.tech - Build a private blockchain workshop
Pad Kankipati
 
PPTX
Bitcoins, blockchains and beyond
jhaand
 
PDF
Blockchain beyond bitcoin
GeekNightHyderabad
 
PDF
Blockchain overview, use cases, implementations and challenges
Sébastien Tandel
 
PPTX
Mining
David Evans
 
PDF
Blockchain for IoT
Federico Tenga
 
ODP
Bugs Aren't Random
Dan Kaminsky
 
Task of Bitcoin Miners, a module for Bitcoin .pdf
aandk091
 
Raspberry pi overview
Matthew Karas
 
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
Lyon Yang
 
Hardware Hacking
Andrew Brockhurst
 
Raspberry Pi Computer Architecture Essentials Dennis Andrew K
dakorarampse
 
Advanced SOHO Router Exploitation XCON
Lyon Yang
 
Bitcoin - Beyond the basics
Chris DeRose
 
Basics of Block Chain
Tharindu Weerasinghe
 
Raspberry Pi meetup
icarter09
 
Part 3 Introduction to Cryptocurrency.pdf
Jyoti Yadav
 
State of Ethereum, and Mining
Mediabistro
 
PLNOG 21: Patryk Wojtachnio - Od_zera_do_farmera
PROIDEA
 
Crytomining hacking
Cis siva
 
BlockchainConf.tech - Build a private blockchain workshop
Pad Kankipati
 
Bitcoins, blockchains and beyond
jhaand
 
Blockchain beyond bitcoin
GeekNightHyderabad
 
Blockchain overview, use cases, implementations and challenges
Sébastien Tandel
 
Mining
David Evans
 
Blockchain for IoT
Federico Tenga
 
Bugs Aren't Random
Dan Kaminsky
 

Recently uploaded (20)

PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
PPTX
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
PDF
Heart disease approach using modified random forest and particle swarm optimi...
IAESIJAI
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
August Patch Tuesday
Ivanti
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PPTX
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PDF
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
PPTX
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
Heart disease approach using modified random forest and particle swarm optimi...
IAESIJAI
 
Teaching material agriculture food technology
LiaRayya
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
Approach and Philosophy of On baking technology
30anthuong17
 
August Patch Tuesday
Ivanti
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
Encapsulation theory and applications.pdf
gurumoop
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 

A Blockchain Quest - Hacker House

  • 2. INTRODUCTIONS • Hacker Fantastic, Co-Founder Hacker House • Security training and professional services • Why listen? • Talk contains a live demo, participation optional.
  • 4. THIS ISN’T JUST ABOUT MONEY… • Blockchains are a new computer paradigm • De-centralized Trust • Peer-2-Peer • Privacy orientated • Secured with Cryptography • Censorship Resistant • Open World Order vs New World Order • Machine-Aided Consensus • Increased Connectivity • Decreased Overheads • Problem Solving Potential REVOLUTION
  • 6. RAMPANT FRAUD, US-SEC & MONEY LAUNDERING • ICO’s are dangerously misleading, often solving no real problem • Regulation tries to curb & control, questions legitimacy • Media hysteria, lack of understanding, misinformed old television & young facebook generations. #FAKEnews, Cambridge Analytica, feeds of ”Get Rich, Bitcoin” scams. Social capital. • Fools & their money are easily parted
  • 7. YOU ENTER THE TAVERN… • Quest through lifecycles of “Mining” • Proof-of-Work Puzzle Consensus Acceleration • Digital Design, Modelling & Simulations • Outputs
  • 8. EQUIP YOUR PARTY WISELY! • Electrical engineering primer is recommended, health & safety 101, electricity is serious business +1 • Know Ohms law, Watts, Amps, kWh, IC’s, Maker etc. • 1-10-100 mA rule, please avoid death! • Avoid fires by using proper rated wiring, for ALL PARTS OF INSTALLATION! Keep to 10A max per socket, don’t overload the ring!
  • 11. DEVELOPMENT BOARD • Terasic DE0-Nano Cyclone FPGA • < $100 22K LE FPGA board • Quartus II Version 13.0.1 Web Edition (Linux) • JTAG SignalTap II • Verilog design & JSON scripts for getWork (no stratum) • Hashrate 3-28MH/s (25 – 450MHz) https://github.com/cryptodashie/Open-Source-FPGA- Bitcoin-Miner
  • 12. FPGA – DIGITAL DESIGN & MODELLING
  • 13. FPGA PIPELINING & PERFORMANCE ENHANCING IO • Phase-locked Loop (PLL) • High speed I/O (GPIO++) • Fast data transfer • OVERCLOCK DANGEROUS
  • 14. FPGA OVERCLOCKING & WATER COOLING • 50MHz XTAL • 0-50 MHz (no cooling) • 50-200 MHz (fan/heatsink) • 200-450 MHz (water) • OVERCLOCK AT OWN RISK
  • 16. CHIP PLANNER BLOCK UTILIZATION
  • 17. FPGA PROGRAM DE0-NANO VIA FLASH LOADER
  • 18. SCALABLE R&D FOR PROOF-OF-WORK ALGORITHMS • Litecoin Core example available • Pokemon your own! • Keecak SHA-3? 1/2/3 from X11?
  • 21. MADE IN CHINA, HACKED IN UK!
  • 24. BEAGLECLONE – PARTIAL POPULATED BLACK PCB • L3+ / A3 / D3 model controllers • Angstorm Linux • Firmware easily dumped / downloaded • No code signing, trivial to mod • auth.minerlink.com remote manager “antbleed” • SSH / HTTP defaults ”root/root” “root/admin”
  • 25. HACKING BITCOIN MINERS • Shodan / Google Dork to identify miners • Easy strings “antMiner Configuration” realm • Exposed footprint has Pre-Auth information leaks • IP geolocate large remote mining farms
  • 26. BITMAIN FIRMWARE HACKING • https://github.com/cryptodashie/bitmain_hacking (reverse engineering data) • 1.5% DEV FEE (pool switching) • Blissz port cgminer-4.9 to cgminer-4.10 • Control individual boards in software, no need for hardware modifications (A++)
  • 28. INTERPLANETARY FILE SYSTEM (IPFS) http://ipfs.io/ (scan data) https://github.com/cryptodashie/ipfs
  • 29. HOSTS NEONAZIS, MALWARE, PORN, BLOGS...
  • 30. HARDWARE WALLETS • Hardware + Firmware • Supply chain attacks • All three platforms had recent patches, props Saleem Rashid! • Chrome WebUSB (?)
  • 31. WEB3.JS – ENUMERATION & PROMISE EXAMPLE Enumerate account details, interact with wallets or prompt unlocking….
  • 32. RISE OF THE CRYPTONIGHT JAVASCRIPT MINER • Cryptonight proof-of-work can mine Monero (XMR) • Replace captchas, adverts or monetize links • Very low profit returns, $0.1 (users adapt)
  • 35. MONERO-IN-THE-MIDDLE (XMR INJECTION) • Use of WiFi enabled embedded device • KARMA attack (hostapd-wpe) • PAYG Internet Connectivity via (4G) LTE • Supports multiple MITM modes of operation
  • 36. DEMO
  • 37. RECOMMENDED READING • Verilog by example - Blaine C. Readler • Mastering Bitcoin – Andreas Antonopoulos • Introducing Ethereum and Solidity - Chris Dannen
  • 39. Q&A? THANK YOU #COINFESTUK FOR LISTENING https://hacker.house